微信授权(静默授权,非静默授权)
一、前言
微信授权分为静默授权和非静默授权,两者的区别在于,前者不需要微信用户点击授权按钮,但只能获取微信openid,后者需点击授权按钮,但能获取微信用户基本信息(openid、微信昵称、性别、头像地址、国籍、省、市),为什么获取不到手机号码?答案在这里。
二、准备
1、花6块钱在花生壳买个域名,将域名映射到本地项目80端口上。
2、申请测试号 测试号申请入口。(测试号申请成功后可以看见 appID和appsecret),自己手机微信扫一下,将自己二维码加进去。
三、配置
将在花生壳里买的域名填到这里
四、上代码
import com.aem.project.system.giftmall.member.service.IPointsMemberService;
import com.aem.project.system.wx.profession.domain.ReturnCode;
import com.aem.project.system.wx.profession.util.AuthUtil;
import com.alibaba.fastjson.JSONObject;
import com.google.gson.Gson;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import java.text.ParseException;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.logging.Logger;
@Controller
@RequestMapping("/wx/authorization")
public class WxAuthorizationController {
private static final Logger logger = Logger.getLogger(String.valueOf(WxAuthorizationController.class));
@Autowired
private IPointsMemberService memberService;
/**
* 公众号微信登录授权
第一步:
return code 本地自测(注意:需要申请域名) 重定向去找授权方法
*/
@RequestMapping(value = "/wxLogin", method = RequestMethod.GET)
public String wxLogin(HttpServletRequest request, HttpServletResponse response)
throws ParseException {
//这个url的域名必须要进行在公众号中进行注册验证,这个地址是成功后的回调地址
String backUrl="http://aem315.natapp1.cc/traceability/wx/authorization/callBack";
// 第一步:用户同意授权,获取code
String url ="https://open.weixin.qq.com/connect/oauth2/authorize?appid="+ AuthUtil.APPID + "&redirect_uri="+ URLEncoder.encode(backUrl) + "&response_type=code"
+ "&scope=snsapi_userinfo" + "&state=STATE#wechat_redirect";
logger.info("forward重定向地址{" + url + "}");
return "redirect:"+url;//必须重定向,否则不能成功
}
/**
* 公众号微信登录授权回调函数
第一种授权方式:非静默授权(需微信用户点击授权按钮,获取微信用户全部信息)
*/
@RequestMapping(value = "/callBack", method = RequestMethod.GET)
public void callBack(ModelMap modelMap, HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
/*
* start 获取微信用户基本信息
*/
String code =req.getParameter("code");
//第二步:通过code换取网页授权access_token
String url = "https://api.weixin.qq.com/sns/oauth2/access_token?appid="+AuthUtil.APPID + "&secret="+ AuthUtil.APPSECRET + "&code="+code
+ "&grant_type=authorization_code";
System.out.println("url:"+url);
JSONObject jsonObject = AuthUtil.doGetJson(url);
/*
{ "access_token":"ACCESS_TOKEN",
"expires_in":7200,
"refresh_token":"REFRESH_TOKEN",
"openid":"OPENID",
"scope":"SCOPE"
}
*/
String openid = jsonObject.getString("openid");
String access_token = jsonObject.getString("access_token");
String refresh_token = jsonObject.getString("refresh_token");
//第五步验证access_token是否失效;展示都不需要
String chickUrl="https://api.weixin.qq.com/sns/auth?access_token="+access_token+"&openid="+openid;
JSONObject chickuserInfo = AuthUtil.doGetJson(chickUrl);
System.out.println(chickuserInfo.toString());
if(!"0".equals(chickuserInfo.getString("errcode"))){
// 第三步:刷新access_token(如果需要)-----暂时没有使用,参考文档https://mp.weixin.qq.com/wiki,
String refreshTokenUrl="https://api.weixin.qq.com/sns/oauth2/refresh_token?appid="+openid+"&grant_type=refresh_token&refresh_token="+refresh_token;
JSONObject refreshInfo = AuthUtil.doGetJson(chickUrl);
/*
{ "access_token":"ACCESS_TOKEN",
"expires_in":7200,
"refresh_token":"REFRESH_TOKEN",
"openid":"OPENID",
"scope":"SCOPE" }
*/
access_token=refreshInfo.getString("access_token");
}
// 第四步:拉取用户信息(需scope为 snsapi_userinfo)
String infoUrl = "https://api.weixin.qq.com/sns/userinfo?access_token="+access_token + "&openid="+openid + "&lang=zh_CN";
System.out.println("infoUrl:"+infoUrl);
JSONObject userInfo = AuthUtil.doGetJson(infoUrl);
/*
{ "openid":" OPENID",
" nickname": NICKNAME,
"sex":"1",
"province":"PROVINCE"
"city":"CITY",
"country":"COUNTRY",
"headimgurl": "http://wx.qlogo.cn/mmopen/g3MonUZtNHkdmzicIlibx6iaFqAc56vxLSUfpb6n5WKSYVY0ChQKkiaJSgQ1dZuTOgvLLrhJbERQQ4eMsv84eavHiaiceqxibJxCfHe/46",
"privilege":[ "PRIVILEGE1" "PRIVILEGE2" ],
"unionid": "o6_bmasdasdsad6_2sgVt7hMZOPfL"
}
*/
System.out.println("JSON-----"+userInfo.toString());
System.out.println("名字-----"+userInfo.getString("nickname"));
System.out.println("头像-----"+userInfo.getString("headimgurl"));
/*
* end 获取微信用户基本信息
*/
//获取到用户信息后就可以进行重定向,走自己的业务逻辑了。。。。。。
//接来的逻辑就是你系统逻辑了,请自由发挥
//(为什么获取不到手机号?)https://developers.weixin.qq.com/miniprogram/dev/framework/open-ability/getPhoneNumber.html
//判断会员表中有没有该微信会员信息
String openId=userInfo.getString("openid");
List list= memberService.selectMemberByOpenid(openId);
if(list.size()<=0){
//会员表中没有该微信会员
//openID nickName sex headimgurl(头像地址) province(省) city(市) language(语言)
PointsMember pointsMember=new PointsMember();
pointsMember.setOpenid(openId);
pointsMember.setNickname(userInfo.getString("nickname"));
pointsMember.setSex(userInfo.getString("sex"));
pointsMember.setHeadimgurl(userInfo.getString("headimgurl"));
pointsMember.setMemberAreacode(userInfo.getString("province")+userInfo.getString("city"));
pointsMember.setCreateDate(new Date());
pointsMember.setCreateTime(new Date());
memberService.insertMember(pointsMember);
}
//else 有
}
/**
* 公众号微信登录授权回调函数
第二种授权方式:静默授权(无需微信用户点击授权按钮,但是只能获取微信用户openId)
*/
@RequestMapping("/getOpenid")
public void authorize(HttpServletRequest request, HttpServletResponse response) throws UnsupportedEncodingException {
request.setCharacterEncoding("UTF-8");
response.setCharacterEncoding("UTF-8");
Map map = new HashMap();
String str = null;
String code = request.getParameter("code");
ReturnCode returnCode = null;
InputStreamReader reader = null;
BufferedReader breader = null;
try {
//通过获取access_token获得openid和access_token
URL url = new URL("https://api.weixin.qq.com/sns/oauth2/access_token?appid="
+ AuthUtil.APPID+"&secret="+ AuthUtil.APPSECRET+"&code="+code+
"&grant_type=authorization_code");
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.connect();
reader = new InputStreamReader(connection.getInputStream());
breader = new BufferedReader(reader);
StringBuffer strb = new StringBuffer();
while (null != (str = breader.readLine())) {
strb.append(str);
}
Gson gson = new Gson();
returnCode = gson.fromJson(strb.toString(), ReturnCode.class);
//根据用户Access_token和openid获取用户信息
System.out.println("打印用户openId=================="+returnCode.getOpenid());
} catch (Exception e) {
e.printStackTrace();
}
try {
breader.close();
reader.close();
} catch (IOException e) {
e.printStackTrace();
}
// return new ModelAndView(new RedirectView(Wx_Util.sendPage+"/wxdraw/productscan?qrcode="+qrcode+"" +
// "&openid="+returnCode.getOpenid()));
}
}
五、测试
http://你的域名/项目后缀/wx/authorization/wxLogin
用谷歌浏览器打开,它会提示你去微信里去。在地址栏中会生成一大串罗里吧嗦的链接地址,复制下来,在微信里随便找个人发过去,打开链接。